Related link: http://www.crn.com/Sections/BreakingNews/dailyarchives.asp?ArticleID=36562

According to CMP, “The Java Community Process (JCP) is finalizing a new version of its charter that will make participation more open-source-friendly, said the leader of Sun Microsystems’ JCP office.” Dubbed JSR-99, the JCP 2.5 changes the Java specification participation so that it’s more open source friendly. There’s also JSR-177, which sets rules for how Java technology bundling happens, and when things have to be made available on their own as projects as well as through the Java platform itself.

So, to those who thought of the JCP as an open source community, you were wrong, and may still be depending on what this will truly mean.

Before the JCP can really be considered an open source community, the community membership dues need to be eliminated. Otherwise, it will remain an exclusive country club to most in the open source community.

What do you think of JCP?

Related link: http://www.microsoft.com/presspass/features/2002/jul02/0724palladiumwp.asp

Security is important: authentication, authorization and encryption are the cornerstones of secure and reliable communication and commerce. Standards for digital identity, once finalized, will contribute to the next Internet driven productivity boom, as business processes that have yet to be brought effectively on-line will continue to streamline enterprise operations. A pervasive digital identity is the key to a huge range of productive applications. But to realize these benefits without giving up ground already gained we need a system that serves users rather than vendors.

Last month I went down to TechX NY (previously known as PC Expo), where Intel and IBM were showing off a dedicated security chip that integrates PKI, data encryption and access control at the hardware level. This functionality is a real win for corporate IT departments who want to take a centralized approach to security and strong encryption. It’s also a nice potential boost for both IBM and Intel, who get to sell a lot more computers into large corporations (since integrated security chips can’t be added after the fact). The demo didn’t work perfectly, but there’s definitely some promise to the technology, and it’s available now.

Around the same time we started to hear about Microsoft’s Palladium, which, although it will also incorporate a hardware component, is something else entirely. For those who haven’t been following it closely, I’ve included a link (above) to Microsoft’s white paper on the subject. Palladium proposes to provide the same benefits within corporate IT departments, which is all well and good. The white paper, though, also alludes to the “millions of people [who] simply avoid some online transactions out of fear.” I’m not sure whether or not that’s even true, but it’s not a problem that can be solved by centralizing identity management. Now, to Microsoft’s credit, that’s not what they’re proposing with this particular software, at least not yet. But the user has to grant Microsoft an unprecedented level of trust anyway.

Source code for the trusted layer will be published and externally validated, but I haven’t found any announcements regarding how this will actually be done. There’s no reason, other than corporate profits and Windows platform lock-in, not to make any security specification along these lines completely open. The authentication, after all, comes from the hardware and the mathematics of public-private key encryption, not from the obscurity of the implementing software. I’d be much more comfortable if I could plug in my own trusted components according to my own needs, and I suspect most IT customers would as well. And needless to say, I’d like to be able to implement the server components and integration in non-Microsoft languages (particularly Java) on non-Microsoft operating systems.

Almost indirectly, the white paper raised another disturibing issue: step-wise pricing based on the level of personal information the user is willing to give out. In figure 3, a vendor requests a user’s name, Social Security Number and Credit Card information for a $100 purchase. The Palladium software informs the site that it is only authorized to provide name and credit card information, at which point the price goes up to $102. There’s nothing wrong with this in principle. In fact, my academic background is as an economist, and as a result I have a pronounced weakness for free market arguments. If someone wants to sell their social security number for a few dollars, then there’s no reason to prevent them from doing so. Still, given how often smart people do give away extremely sensitive information for next to nothing (doctors, for instance, frequently include their Social Security Numbers, and often their Drug Enforcement Agency controlled substance ids, on their curriculum vitae). No system will be a panacea: effective use requires further public education about the risks and rewards of distributing particular kinds of information. Hopefully users will begin to put realistic valuations on their own identity.

There are no two ways about it: pervasive identity systems are dangerous. I think that centralization of standards is supreme good sense. But I’m much less confident about centralization of implementation.

What do you think?

Related link: http://blogs.salon.com/0001108/2002/07/28.html#a51

Earlier today, I wrote:

Memo to Dave: I’d throw money in to a fund for to help defend technology. But, then again, I already do. Part of what you’re trying to do already exists. It’s called the Electronic Frontier Foundation and you should be mentioning it more often.

What’s that something? Well, a PAC meets the requirements. But so does the EFF. And that was my point: we already have organizations in place that are attempting to address some of these issues.

So, before we form a PAC, let’s stop and wonder: maybe that time and energy and money that would have gone into creating the PAC would be better spent supporting what’s already in place.

Then again, maybe not. Maybe there’s a lot of value in throwing a specific person out of office.

Related link: http://www.truthlaidbear.com/2014.html

In a previous post, I talked about three different ways people use blogs. Here’s another one: fictional diaries from the future.

What other innovative uses of weblogs are out there?

Related link: http://scriptingnews.userland.com/backissues/2002/07/27#When:5:47:41PM

Recently I’ve been wondering: Now that weblogs are gaining momentum (Salon Blogs being the latest example), now that they’re moving beyond the fringe … where do they go? What’s the point of a weblog and what does it accomplish?

The O’Reillynet blogs are mostly technological commentary. We who blog here are the moral equivalent of Howard Cosell (and technology is our NFL). Good stuff, often interesting, and one of the original missions: commenting on what’s going on.

Dave Winer (and others, like
Eric Albert) are gradually wandering into politics (they’re at the toe-dipping stage, but the big splash seems inevitable). What they’re doing is interesting: they’re attempting to jumpstart the tech community to defend technology. The idea here is: blogs are also social. Groups of like-minded bloggers link to each other, and the bloggers and their readership (which is considerably more interactive than readers of traditional forms of writing) form a social group. Hence blogs can help to organize groups of people and can help form political movements.

Memo to Dave:
I’d throw money in to a fund for to help defend technology. But, then again, I already do. Part of what you’re trying to do already exists. It’s called the Electronic Frontier Foundation and you should be mentioning it more often.

Meanwhile, over at Instapundit, Glenn Reynolds has discovered that the ideas behind open source apply to things beyond codebases. Eric Raymond (who also has a blog) once wrote: “given enough eyeballs, all bugs are shallow.” Glenn Reynolds and co seem to have discerned that blogs allow readers to talk back and, in fact, turn readers into crazed gangs of fact-checking ferrets. Given enough eyeballs, even a New York Times editorial can be corrected.

All in all, it’s interesting. 3 or 4 years ago I ran across diaryland and it was enough to make me permanently skeptical of weblogs. But, these days, I’m fascinated by the ways people are using them.

What else is a blog good for?

Related link: http://www.williamcrawford.info/

I’ve added a new weblog to my personal site, covering (hopefully!) broader issues than the O’Reilly version.

The 2002 O’Reilly Open Source Convention hosted a number of sessions on emerging technologies, including one on .NET. The .NET session was on Rotor, Microsoft’s shared source .NET Common Language Interface (CLI) project ported for FreeBSD. The project manager, David Stutz, conducted the session, which included information on history, architecture and more. It’s interesting to note that the CLI and C# could be formally accepted as ISO/ANSI standards by the end of the year when the final ballots have been submitted.

While Rotor is not open source, this shared source project allows developers to develop, port and compile .NET applications in C#, Perl, Java or other programming languages using metadata and/or Web services standards on an OS besides Windows; that’s currently FreeBSD. In recent weeks however, there have been ports on Linux and more. However, David Stutz would not comment except for saying that he was open to other ports besides FreeBSD. It’s also interesting to note that the Mac OS X kernel is FreeBSD. Given this and Microsoft’s investments in Apple, will we see .NET on Mac. It’s certainly possible.

For more on Rotor and .NET, visit O’Reilly Network’s .NET DevCenter.

What do you think of .NET; Rotor?

Related link: http://conferences.oreillynet.com/pub/w/15/track_java.html

The unofficial 2002 O’Reilly Open Source Convention (OSCON) Java conference wraps up on Friday with four sessions on NetBeans, Tomcat Clustering, JBoss, and Java for Mobile Devices/Mod_Perl.

NetBeans project lead Tim Boudreau will show you how to build applications based on the NetBeans Platform. If you program in Java, you are probably familiar with the NetBeans IDE. What you may be less familiar with is using the NetBeans core to build your own desktop applications. This session will cover the NetBeans APIs and some examples of how you can build more robust applications faster, using the NetBeans Platform to provide the basic infrastructure any large desktop application needs.

Next, Jason Brittain of CollabNet will talk about the Apache Jakarta Tomcat 4.0 clustering models and implementations. Eventually, one machine just isn’t enough for high traffic sites that use Java servlets. Regardless of whether it’s for better scalability or for fault tolerance, eventually your servlets will need to run on more than one server machine. To help you set up and maintain a clustered Tomcat 4 system, you should understand some of the details of the models and existing implementations of Tomcat 4 clustering infrastructure software. In addition to this session, you read the following article: Clustering with Tomcat.

After lunch, learn how JBoss 3.0 reduces development time and cost by Dain Sundstrom of the JBoss Group. JBoss has always been focused on making J2EE development painless and efficient. The most recent JBoss release, JBoss 3.0, includes several features that highlight how the efficiencies of J2EE (including a decrease in coding time, testing time and administration) can be fully realized. Certain core JBoss features will be discussed in detail with regard to providing an example of how to develop with these efficiencies in mind, including CMP 2.0, clustering,
hot-deployable services, and JMX.

And to cap it all off, Gunther Birznieks of eXtropia will talk about Java for mobile devices and/with Mod_Perl. This should be interesting to learn how Java 2ME and Mod_Perl come into play along with the WAP or other wireless protocols.

See you all there at these sessions. I will cover these sessions and wrap-it all up in our 2002 OSCON Java conference wrap-up report next week, to be published on ONJava.com.

Based on all the excitement over the many open source Java projects presented and taught at this year’s OSCON, would you like to see an official OSCON Java Conference starting next year? Please share your views here.

Related link: http://conferences.oreillynet.com/pub/w/15/track_java.html

O’Reilly’s Open Source Convention (OSCON) Java conference (unofficially) today was on the lite side, with only a session on Java Lightning Talks. Lightning Talks are a forum for Java developers, programmers and advocates to talk on any desired topic in a span of 5 minutes for each participant.

Today’s participants included Mac convert and author James Duncan Davidson, Apache vice president and JDOM.org founder Jason Hunter, Sun’s Open Source Diva, Danese Cooper, JBoss and more. James gave a re-hash of the significance of Apache and how it functions as an open source community. Jason discussed his experience with JDOM. Danese spoke about the status of open sourcing Java at Sun. Unfornately, the status is status quo. JBoss responded to Danese in regards to JBoss as a solution. Then, JBoss went on to talk about how open source projects seem to waste time on re-creating and implementing code bases that already exist in another form, another way of saying “re-inventing the wheel,” instead of focusing on indended project goals.

Afterwards, the audience participated as well in a more informal open source Java community town hall meeting with dynamic Q&A between the audience and the afore mentioned speakers. Topics included Python vs. Java. Language bias shouldn’t be because there’s a place for each language depending on domain of problem. Others came up as well. The final topic seemed to be on open source Java. What aspects of Java should be open sourced, etc.? Certainly, the reference implementation should be open source. Etc.

In order for this to possibly happen, Danese invited those who want this to happen to email her at danese.cooper@sun.com. She invited emails on your views for open source Java from Sun, including why Java should be open source and the value it can bring to Sun. Over time, she plans to collect as many as she can get, and share with Sun’s hierarchy. I as the editor of ONJava.com also invite you to be proactive, and email her or me at sanglin@oreilly.com. You can submit your opinions below in our Talk-Back, as well. Furthermore, look for a petition to be available on ONJava.com in the next week or so.

That’s all for today. Now, get ready for tomorrow’s four Java sessions. Get your fill, because these will be the last open source Java sessions until next year’s OSCON. See you there.

Vote here for open source Java reference implementation, source code, etc.

Related link: http://conferences.oreillynet.com/pub/w/15/track_java.html

The 2002 O’Reilly Open Source Convention (OSCON) and its unofficial open source Java conference goes into full swing with today’s sessions on “Open Source & Java: Lessons from the Apache Experience”, “Pay as you Go - MVC in JSPs and Servlets”, “JDOM Makes XML Easy”, “JUnit Tesing”, “High Performance Servlets With Apache 2.0″, and “Configuration Management with Ant, Bugzilla, and CVS.”

First, Mac convert James Duncan Davidson gave the first of the day’s sessions open source and Java. “Open Source Software has been a media darling the last few years, especially with attention being focused on the Linux based startups. However, there’s been a large amount of activity around Open Source Java at the Apache Software Foundation.” Over the past few years, there have been lessons about open source as well as collaborative Java development in this context. This talk explored these lessons, and the issues that created them. He used Jakarta Tomcat’s evolution as a specific example as it evolved from one adopted code base to another (i.e., Catalina), as well as eluded to Sun’s involvement with Apache during this evolution.

Next, Larry Karnowski of OpenNMS.org talked about how Java Server Pages (JSPs), with their simple script-like syntax, are easy to learn and understand and are well-suited for delivering features quickly. However, JSPs do not use the Model View Controller design pattern (MVC), which is important in user interface development for long-term maintainability and reusability but requires much more developer expertise. In order to benefit from the rapid development cycle and low expertise requirements for writing JSPs, but allow code to scale and be maintainable through MVC design patterns, developers should use coding strategies that take advantage of JSPs’ high-level aspects in early iterations but easily migrate to more scalable joint JSP/servlet MVC models when that extra cost is warranted. According to Larry, the “paying as you go”, features are quickly added, and only the JSPs that truly require an MVC architecture get that treatment and incur that cost.

After lunch, JDOM.org founder and Apache’s representative to the Java Community Process (JCP), Jason Hunter discussed JDOM. JDOM (JSR-102) is an open source Java API for processing XML documents that’s both simple and convenient. At a high level, it’s similar to the DOM, but since JDOM was designed specifically for Java rather than for multiple languages, it feels much more natural and “right” to Java programmers. For both beginners and experts, Jason showed how to use JDOM to easily and efficiently read and write XML documents from your Java programs while automatically maintaining well formedness. Jason also covered and explaned the new features added in Beta 8. He ended with a discussion of his experience in putting JDOM through Sun’s Java Community Process (JCP) as a Java Specification Request (JSR) – the first open source project to become a JSR. The speaker is the JDOM Specification Lead and also Apache’s representative to the Java Community Process.

Next, O’Reilly’s Ant: The Definitive Guide author Jesse E. Tilly talked about the open source Java testing frameworks such as the JUnit project and more. Testing for bugs is an important development endeavor. For more, check out Jesse’s other session at the end of the day, which includes Bugzilla.

Working for Apache and VNU Business Publications, Pier Fumagalli talked about his preference for a Tomcat Servlet container code base that’s fully compatible with the Apache 2.0 Server, which would support high performance Servlets.
After joining VNU, he had to face one problem: how to deliver 10 million Servlet generated pages a day without scaling massively on hardware. The solution was the adoption of Apache 2.0 and a new approach to Servlet Engines. Using parts of Tomcat 4.0 and embedding them directly into the multi-threaded architecture of Apache, his team was able to have performance increases on the order of 500% compared to closed-source and highly priced alternatives. In this session, Pier introduced the problems related to having high loads on Servlet-based sites; what are the possible solutions when scaling on hardware is not an option; and how to implement them in their environment.

And finally, Jesse E. Tilly rounds out the day’s sessions with “Configuration Management with Ant, Bugzilla, and CVS.” This presentation gave an overview of a configuration process that works. “No theory is involved, just battle-tested facts. Those other systems work because they’re built on time-tested methodologies that manage projects well. The same can be said with this methodology; it’s just that this particular implementation costs a lot less.”

That’s all all for now. I hope you got your fill of open source Java for the day. Take a break, but show up to the Java Lightning Talks after lunch on Thursday. See you there.

Related link: http://www.oreillynet.com/oscon2002/

The 2002 O’Reilly Open Source Convention (OSCON) and its unofficial Java conference
continued on Tuesday with the following Java tutorials:

Tim Boudreau and his project team presented an overview and breakdown on Sun’s open source
NetBeans project. NetBeans is a sophisticated, language and design approach interoperable Integrated Development Environment (IDE) and application development framework. You can think of it as a scaled down version of Sun’s commercial Forte for Java (now Sun ONE Studio). Anyway, Tim began with an introduction to its method, API and more. This was followed by a detailed architectural tour of it.

In the Q&A, I asked the project team about how the detailed file structure influenced
metadata code of NetBeans differ from BEA’s Cajun or WebLogic Workshop product. Specifically,
the NetBeans metadata calls out and encapsulates various Java API and components such as
Servlets and EJB using a common JavaBean component design pattern model. This striking
is similar to the JWS (Java Web Services) file tags, found
in Cajun; and is also a JSR (Java Specification Request) to become a standard in the JCP.
According to Tim, it’s possible BEA did this as a token gesture in order to establish that
it’s involved with Java Web services. BEA has insisted JWS will become a standard others
can use, once established. According to BEA, JWS is meant to be a way for Web services developers to apply
Java 2EE API without having to be experienced with the API. It remains to be seen how
this will play out, but it’s interesting to note that NetBeans and Cajun seem to have
similar mechanisms, with different approaches.

We took a break, and came back to continue the NetBeans tutorial with a focus on an application
from the XEMO open source project. Project lead William Will discussed the motivation,
reason, methodology, architecture and more behind XEMO, which is built on top of the NetBeans framework.
XEMO is a musical note composer, editor and player. Using Music XML and other XML Web
services, the user can take current musical notes and composition and create and/or edit
those notes by instrument, measure and more from a visual standpoint. Then, the user can
play back the created/edited musical code using metadata which calls out the Java Sound
API available in NetBeans. The tutorial concluded with specific code examples on how this
all comes together and works. William said that the next goal for XEMO was to allow the
musical composition to be created/edited using numercal metrics or value. Additionally,
beyond Java Sound, William hinted at the possible addition/use of a Quicktime option and
more.

Lunch came. It was a pleasure to run into Microsoft’s David Stutz and Jason Hunter.
Jason and I lamented on the need for more protein to help get us through the day. Afterall,
he had a day long tutorial for the second straight day, in addition to his other duties as
a vice president with Apache, publisher for Servlets.com and project manager for JDOM.org.
By the way, David is here to promote his shared source .NET CLI project, Rotor.

Afterwards, the tutorial filled day concluded with a sit-in on the last half of Jason’s tutorial on the new
Java 2SE version 1.4. Jason covered the Java NIO or New I/O, which is the name for Java’s faster and more powerful input/output class hierarchy. Then, he covered Java Preferences, which store, retrieve, and modify user preference and configuration data. Then, Jason discussed Assertions, which are a mechanism to ensure program correctness using assertion statements within the code. Because this feature is built into the JVM, there is no extra runtime overhead! Here, he explained how assertions work and how to make the most of this new capability. And finally, Jason concluded with a lenghty talk on Logging.
Logging is, naturally, a mechanism to write program output to log files or other tracking systems during the course of program execution. In this last part of the tutorial, Jason illustrated the use the new Logging API and how it compares or contrasts with the Apache Jakarta project, to log4j.

That’s all for now. See you on Wednesday at OSCON’s unofficial Java conference, which
continues with wall-to-wall sessions from the first one after the day’s keynote to the last,
which ends at 6pm. So, I suggest you get your fill of Java, the liquid kind, first thing in the
morning. Then come on down and learn.

What do you think about NetBeans mechanism. How does it compare and contrast to the JWS proposed by BEA in the JCP? Share your thoughts.

Related link: http://www.onjava.com/pub/q/java_os_directory

The 2002 O’Reilly Open Source Convention (OSCON) Java conference (unofficially) and ONJava.com announce the debut of the new ONJava.com Open Source Java Directory. This directory includes a listing of the many open source Java projects and tools out there, including Apache Jakarta, JBoss, JDOM and more. You can even submit open source Java projects for review and listing.

Related link: http://conferences.oreillynet.com/pub/w/15/tutorials_java.html

Arriving at O’Reilly’s 2002 Open Source Convention (OSCON), the weather is perfect, as usual, and the embrace is warm, thanks to the Sheraton San Diego Hotel and Marina. I’m here to bring attention to the unofficial OSCON Java conference, which started today with two tutorials.

First, Servlets.com and JDOM.org founder/publisher and an Apache vice president Jason Hunter gave a rapid, yet day-long thorough introduction to Java programming from 0 to 60! This intensive course taught the strengths and weaknesses of Java, writing simple but useful applications, and showed you the basic Java idioms from syntax to I/O to threading. The course began with the fundamentals of object oriented (OO) programming. Building on this foundation, Jason then covered the Java language and programming environment fundamentals with topics on syntax, essential classes, OO features of Java, exception handling, and using the Java Development Kit (JDK), now renamed the Java 2 SDK. The course also covered the important subjects of abstract types, I/O using Java streams, threads, and collection classes. Topics included abstract classes and interfaces, character streams, byte streams, serialization of objects, employment of stacking streams, creating threads, thread synchronization, and the new collection classes.

And, JBoss Group’s Andreas Schaefer gave an afternoon tutorial on the new JBoss 3.0: The Next Generation in J2EE. After the big success of JBoss 2.2 and 2.4, which already marked the leading edge of J2EE application server development, JBoss 3.0 (nickname: Rabbit Hole) took another leap to a new frontier where no man has gone before. JBoss 3.0 delivers clustering as well as a fail-over but also provides a framework to a real 24×7 usage. JBoss enables you to deploy new services or update their code base without bouncing the server. Finally, the JBoss kernel design allows the client to tailor JBoss to fit in any environment like Embedded Devices. Andreas’ presentation started with an introduction to the features of JBoss 3.0. Then it introduced you to JMX, because it is the basic framework of JBoss, and discussed the add-ons in JBoss to have a 24×7 framework (recycling loaded classes, manage dependencies between loaded classes and having a loosely coupled system). Moreover, the tutorial went into the core of JBoss and its services like JMS, Security, CMP/CMR etc. Finally, Andreas discussed how to configure and manage JBoss. This included an introduction to JSR-77 which enables a client to manage a J2EE application server in a vendor neutral way.

Tomorrow, the unofficial 2002 OSCON Java conference continues with two more tutorials. One will be on JDK 1.4: New I/O, Assertions, Preferences, and Logging by Jason Hunter, Time: 8:45am - 5:30pm, Location: Spinnaker II in the East Tower. The other will be on Sun’s open source NetBeans project, Time: 8:45am - 12:15pm, Location: Sea Breeze II in the East Tower. Until then, have a great night. If you’re already here in San Diego, of course, you will. Talk to you tomorrow.

I’ve got a problem. I’m the CTO of a company that develops web based systems for the pharmaceutical industry. Our product’s user interface pushes the envelope pretty far, and we spend a lot of time making sure it’s compatible with all the different web browsers our clients might use. We’ve actually got it pretty easy in comparison to companies that produce web sites for general public consumption, since corporations tend to standardize, which gives us a nice little list of things we have to support. So far none of them are using Mozilla. In fact, 100% of them use Internet Explorer as their base browsing platform, with enough copies of Netscape 4.7x floating around to keep things interesting.

As a result, I’ve got IE on most of my computers. I do have Opera at home, which I use for most of my regular browsing and research for writing, but I’m generally stuck with IE. It’s just too much hassle to switch back and forth between browsers, and, overall, the latest versions of IE render HTML well. Opera, as nice as it is, doesn’t always get things right, although this is often the site’s fault as much as the browser’s. The Yahoo Groups web interface is one example of a non-Opera-safe environment, although it remains usable. I just make sure the entire company stays clear of Outlook.

It’s still driving me nuts. About a month or so ago I installed a new workstation and, when setting things up, neglected to install Macromedia Flash. As a result, I’ve been largely spared some of the noiser, more intrusive advertising that has recently become de-rigeur at most commercially funded web sites. But IE does not want me to forget this fact. Every single time I access a page with some plug-in based feature I get either a download plug-in box or, when I disable that, a modal pop-up box informing me that I’m being denied the full browsing experience due to my dark-age browser settings. In some cases (www.doonesbury.com being the example that triggered this rant, as someone emailed me a link to Sunday’s comic on 802.11 war driving) every page will trigger two of these messages, since the X10 pop-under ads want Flash too!

I’ve gone through the configuration dialogs with the proverbial fine toothed comb, and have found no way to disable this. At this point, I’m more than willing to have someone email me and say that I’m a twit who forget to look in such-and-such a place. But I doubt that such-and-such a place actually exists. After all, most of the viewers of msn.com use IE, and their advertisers want to be able to operate effectively. What I’d really like is the opportunity to turn off plug-ins from third parties and in windows I didn’t explicitly create myself, although working around that particular limitation would be pretty trivial.

If we had true standards compliance this wouldn’t be an issue. If web browsers all rendered content (plug-ins and all) the same way, I’d be able to do much less IE specific testing and would therefore have much more choice in browsers. Browsers could then compete on user interface and feature sets, and users wouldn’t be locked into IE with plug-ins engaged in order to view most sites. But we don’t, it’s not in the offing, and it looks like I’m going back to switching between multiple browsers.

Meanwhile, if anyone can tell me how to disable that pop-up I would be eternally grateful.

Can developers assure widespread acceptance and usability if they’re not operating in the same environment (in this case, IE) as their user community?

Related link: http://www.kunstler.com/mags_diary4.html

One of the great things about the web (and about weblogs) is that you can limit your exposure to any one particular person. Unlike traditional social situations, where a half-drunk lunatic can totally ruin a party by clutching at your sleeve and yammering on for hours, in the world of the web you can always type in a new url and leave.

I’m pretty sure that, if I met James Howard Kunstler at a party, I would wind up bored to tears. On the web, on the other hand, he is to be savored ….

So Alan Greenspan kicked off the week by declaring that America’s economic infrastructure was fundamentally sound. Apparently he hasn’t noticed that we have become a nation of fat-assed infotainment zombies living in a toxic medium of car dependency, non-stop advertising, sugar addiction, and credit card binging.

It’s high quality ranting (along with a large dollop of purely irrational anger). And quite interesting. At least, when taken in small, carefully controlled, doses.

Who else writes a good weblog (but would be an awful dinner guest)?

While at the Santa Fe Institute’s Complex Systems Summer School in June of 2000, I was introduced to the fascinating world of Agent Modeling Systems.  There are several of these, such as, Swarm, the grandfather of them all, Repast and Ascape, two modern Java based systems, and StarLogo and NetLogo, the entry level but still powerful systems.

All of them have two interesting features: World: a grid of patches which can independently hold variables and have their own colors, and  Turtles: agents which roam the patches and have their own properties. Northwestern University just released their new NetLogo 1.1 system, so lets play with it a bit to see how it works. Simply download the application from their website, installing as indicated.  To the right, you see the initial layout.  We’ll start by playing with its command center, the blue type-in area below the black display area. Note: click on small images for full size.

The command center accepts commands for the global Observer, or for each of the individual turtles or patches.  You choose which sort via the small dropdown menu.  In the image below left we show the patches being selected. The center image shows the result of one command: “set pcolor (pxcor + pycor)” which simply sets the color (a number between 0 and 140) to the sum of the x and y coordinates.  Silly but illustrative! We then switch to Observer mode and reset the display and create 36 turtles: “clear-patches” and “create-turtles 36“.  We then switch to Turtle mode, and do “set heading who * 10” and “forward 15” which turns the turtles in all directions (”who” is the number of the turtle from 0 to 35) then has them moves them forward one unit, resulting in the image on the right.

Programs are run using a very simple Logo-like language, along with an easy to use GUI for building sliders, buttons, and graphs.

To the right is an image of Thomas Schelling’s famous segregation experiment (click to enlarge). To run this in NetLogo, click on the Models Library entry of the File menu and look at the Segregation model under the Social Science folder. This run has a preference of 30% neighbors “like me”.  It resulted in a ghastly 73% segregation! Below is the “before” and “after”; note the considerable increase in islands of segregated neighborhoods.

The NetLogo documentation which is included in the download, both the pdf manual and the html pages, provide very useful programming help.

Well, I hope this quick drive through has motivated you, gentle reader, to check out NetLogo and/or one of the other modeling systems. They offer truly surprising ways to investigate complex systems. We use them in Sun Labs to evaluate security models for one of our peer document systems, and to prove the closure property for peer networks .. among other things.  I hope you get a chance to try these nifty tools.

Let me know about your experiences with NetLogo or other agent modeling systems

Related link: http://www.zagats.com/

About 5 years ago, I began to rely on Zagat’s Guides. The guides are little red books, specific to a city or locale, which contain very short descriptions (one or two paragraphs) of the restaurants in that area. The descriptions themselves are compiled from volunteers who review the restaurants. Thus, for example, when you find out that Katia’s Russian Tea Room got a 19 (out of 30) for food, you’re seeing the result of dozens (or more) of reviews that were recorded and averaged together.

It’s sort of like a highly structured epinions for food.

The web site is even better. It lets you search for restaurants, and it makes it very easy to submit short reviews. The reviews will be taken into account for the next edition of the guide for that area.

About the only feature missing is the ability to look at the reviews for a restaurant that have been submitted. If a restaurant has gone downhill since the reviews were last compiled, you wouldn’t be able to find it out from Zagat’s (you’d be able to submit a review that said so, but no-one else would be able read the review).

For the record, here’s the review I just wrote of Cafe Kati:

I’ve been there three times. Each time, the food has been excellent. Each time, the service has gotten worse. The topper (and the reason I won’t be going back): they don’t let you take longer than two hours to eat dinner. I had reservations, it was a going away dinner for a valued colleague, and we spent a fair amount of money. The one thing the occasion did not need was a frazzled maitre-d reminding us, repeatedly, that another party was waiting for our table.

What restaurants have you reviewed lately?

Related link: http://conferences.oreillynet.com/os2002/

Java has arrived at this year’s O’Reilly Open Source Convention (OSCON). Unofficially, it’s the open source Java confernece out there in the industry. With over 6,000 open source Java projects, someone has to cover it. Why not O’Reilly, the leading open source technology advocate and publisher?

So, if you’re a Java developer who is saying, “who cares?” Well, you better. The trend is clearly more open source Java. So, the more you know about developing with the latest and best open source Java projects and tools, the better off you will be. Also, with the economy as it is along with its effects on large, mid and small cap firms, these firms are reacting to increase productivity with less costs. Open source goes a long way to solving many of the problems, and encourages an environment for efficient Java project development. Even financial firms like Morgan Stanley Dean Witter encourages and applies open source Java development and solution.

Come to OSCON and learn about open source Java IDE such as NetBeans and Eclipse for developing GUI and applications in quick, efficient and productive ways. Learn about Web containers such as Tomcat and JBoss as they evolve to be reliable, powerful substitutes for the larger, commercial containers like WebLogic and WebSphere in many situations. Learn about clustering, balancing and other techniques for better Web application development. Also, learn preferences, logging and the new Java I/O, as found in the Java 2SE v.1.4. Even learn about Java XP (extreme programming), Java for Mobile Devices and Mod_Perl, and much much more.

Find it all at the four Java tutorials, running Monday and Tuesday, and the ten scheduled Java sessions, running Wednesday, Thursday and Friday. There are also tutorials and sessions on XML and emerging technologies (i.e., Web services, .NET and wireless, etc.). Moreover, enjoy Java related BOFs in the evenings as well as the keynotes and the good times usually found at the convention’s location, sunny San Diego, CA.

So, if you’re not too busy and need a summer break or even unemployed looking to sharpen or learn new skills and tools, come to OSCON. Remember, it might be tax deductable (consult your tax specialist or financial advisor to be sure, of course). See you there.

Related link: http://www.eweek.com/article2/0,3959,373783,00.asp

eWEEK reports that Microsoft is already planning the next major version of the .NET framework. Version 2.0 beta will be code named Whidbey. “The first beta is targeted to go out in January 2003, with a second beta of Whidbey set for August 2003, according to sources. The final version is expected to be released in December 2003.” For now, look for the next .NET framework update, version 1.1, code named Everett later this year.

Related link: http://www.oreillynet.com/pub/a/network/2002/07/15/regexp.html

Look for Java and .NET coverage in O’Reilly’s new Mastering Regular Expressions, 2nd Edition. As the O’Reilly’s online Java and .NET editor, I’m glad to see regualar expression packages in java.util as standard in the latest Java 2SE v.1.4 as well as in the .NET framework. This article by the book’s authors covers what’s new with regular expressions.

Related link: http://www.ama-assn.org/ama/pub/category/3133.html

A client of ours recently asked about Verisign’s partnership with the American Medical Association to provide digital certificates to AMA members. This initiative was launched early last year, and was intended to be a simple application of Verisign’s Public Key Infrastructure products, using the AMA’s membership database to validate the identities of participants. It got me thinking again about the role of identity services in network applications and some of the implications for both productivity and privacy.

The AMA, with over 400,000 members, encompasses most of the doctors, nurses, physician assistants, medical students and so forth in the country. That’s a lot of motivated, professional users, and it’s easy to see why this opportunity looked exciting for Verisign. Between the sheer volume of data exchanged in healthcare and the increasingly stringent privacy regulations being introduced at the state level and higher (including the recent HIPPA legislation, which is going to produce huge revenues for certain consulting firms I’m not involved with), standardized healthcare PKI is extremely attractive. And say what you will about Verisign’s marketing of domain registry services, the integration software they provide for their PKI product is well thought out, reasonably licensed, and easy to use.

My company’s flagship product happens to be all about managing information on physicians, in this case in the pharmaceutical industry. So I watched the AMA’s announcement with interest, as we were already including support for PKI. I sat back and waited for the rush, which never came. According to a Verisign representative I spoke to last week, only about two thousand AMA members have signed up for an ID. It’s probable that a sizeable minority of them never got around to installing it, and no major providers have gotten on board to push the issue. The whole program has been a nonstarter so far, although it could still be turned around by the right kind of corporate support.

One might think that a secure communications infrastructure would be easier to build at the industry level than at the national level. I’ve spent years hoping that the FDA would introduce a standard identifier for doctors doing clinical research. So far it hasn’t happened. The most interesting development towards pervasive identity management I’ve seen so far has been the DOD’s JavaCard based ID card system, which was pushed heavily at this year’s JavaOne.

Since we can’t build the applications without the infrastructure, we’re stuck with proprietary solutions for the foreseeable future. But the propriety approach makes data aggregation and incorporation of new users much more difficult than it has to be. This may be just as well from the consumer privacy perspective, but the limitation often proves crippling when building real-life networked applications. Adding users to a networked workspace by typing in a few AMA numbers and letting the software do the rest is a much more reliable and efficient approach than anything else I can think of.

Industry based PKI is going to be much more secure than citizenry based PKI, and much more controllable. This might mean I have start collecting digital IDs, but I doubt the process will get out of control. Keeping professional and personal separate is a start.

What do you think? Should the government just go ahead and issue us all a digital signature?

Related link: http://crn.channelsupersearch.com/news/crn/36225.asp

R.I.P. WebGain. But what happened to WebGain Studio, formerly Visual Cafe? This Java IDE needs a new home. Where will it go?

Given that Borland has JBuilder; IBM has Visual Age; Sun has Sun ONE Studio (formerly Forte for Java); BEA has (and is banking on WebLogic Workshop/Cajun); Oracle has JDeveloper; and HP dosen’t care (will use and partner with BEA), what’s left of WebGain should look at the following possible buyers:

1. If not acquired, Sybase could use a Java IDE to go with its database products.

2. If not acquired, Novell could use a Java IDE to go with its e-directory and other Web services tools as well as its overall commitment to be a J2EE and Web services vendor.

3. IONA may also make sense.

There may be others, but my hunch is that Novell or Sybase are the top candidates for the WebGain Studio Java IDE. Otherwise, look for it to be purchased or licensed by Apache or some other open source Java community.

What do you think will happen to WebGain Studio? Do you think it should be open sourced?

Related link: http://www.nytimes.com/2002/07/16/technology/16WIRE.html

The New York Times is reporting today that Intel, IBM, AT&T Wireless, and other large companies are in talks about providing a nation-wide 802.11 service. Has anything like this ever happened before?

These are not companies that would normally partner on such an aggressive project. What is their motivation? I assume the cost of the network would not necessarily be covered solely by subscription fees — otherwise why involve the hardware makers? Presumably a large part of the motivation is to create a huge market for hardware that would use the network. (The article mentions, for instance, Intel’s efforts to put WiFi on all its portable chips.)

On the one hand, it’s great to see that this accidental revolution is going so far, so fast, when the planned revolution of Bluetooth has stumbled so dramatically. On the other hand, it’s sad that the word “Apple” doesn’t appear in the article — once again it doesn’t pay to innovate. (Memo to Steve: keep the iPod Mac-only — Intel doesn’t need any more gifts.)

The implications of a nationwide wireless network are pretty incredible. So many of the “That would be a great idea if only…” conversations will have a different ending. The warchalkers will have to get very busy. Yet I have to wonder what service provision will be like if it is run by some hardware vendors and a mishmash of cell phone networks. Intel only recently shut down their Web hosting service offering, which was undistinguished in its market — and that business is a fair sight easier to manage than the end-user ISP market. Sure, service provider companies are involved, but which one is driving?

Here’s an alternate present to consider: what if AOL had done this instead of buying Time Warner with their inflated value? Was content really that synergetic, or would throwing another log on the fire of their real business model have created a better opportunity?

Nah, that’s crazy.

Related link: http://www.theserverside.com/resources/article.jsp?l=MonsonHaefel-Column1

Richard Monson-Haefel is the author of O’Reilly’s Enterprise JavaBeans, 3rd Edition. He begins his EJB 2.1 column with “What’s New In EJB 2.1.” This first installment on TheServerSide will provide an overview of the new features in the EJB 2.1 spec, including support for Web Services through two newly added Web Services APIs: JAX-RPC and JAXM. It also discusses enhancements to the MDB programming model and improvements to EJB QL. The author, as a member of the EJB 2.1 expert group, also provides some recommended improvements to the EJB 2.1 spec.

Related link: http://www.falch.net/Products/

It’s great to see Falch.net, a Palm developer tools company, use a simple open source business model to such beneficial effect. Not only is their product by far the best tool for developing PalmOS applications, they’ve drawn a perfect line between supporting and giving back to the open source community, and creating a revenue opportunity that will drive their business. They deserve support and acknowledgement.

The company’s flagship product, DeveloperStudio for PalmOS, is a Windows IDE that sits on top of PRC-Tools, a gcc-based compiler for PalmOS applications, and PilRC, a PalmOS resource generator. Both PRC-Tools and PilRC are GPL‘d. Falch.net employs a full-time programmer to maintain PRC-Tools. On top of these packages, Falch.net has built all the things at which open source tends to fail: double-clickable installers, professional user interfaces, visual forms designers, and so on. The result? Grassroots, open-source packages that anyone can use and learn from for free, encouraged and helped by a company that expands the user base of these projects by lowering the hurdles to using them.

Perfect. Notice that this company did not need to write a new license or run screaming away from the GPL in order to make open source work for their business. Nor did they need to abandon the idea of product sales and “resort” to a support-based model. They just found the right balance between supporting the community and profiting from their products. More companies should do the same.

Related link: http://news.com.com/2100-1023-942187.html?tag=fd_top

Little by little, the morons are taking over.

A few years ago, when the idea of “deep-linking” and the associated lawsuits first cropped up, I laughed. “There is no such thing as a ‘deep link’,” I said. “It’s all just links.”

“And, anyway, what kind of fool puts content on the web, which is pretty much defined by hyperlinks, and then complains when people link to his pages? That’s just plain stupid.”

But there you have People did just that. Published content, complained about links. And then followed up by filing lawsuits. Finally, in Denmark, a court has decided that linking to other people’s pages can be illegal. They’ve ignored both common sense and the existence of obvious technical solutions in order to prevent people from doing the one thing the web is good at (the thing it was designed for).

What amazes me about this is just how close I am to walking away from this profession. If a decision this stupid can be reached, and if it is upheld, then you’ve got to wonder: is there any point to creating new and wonderful things? It seems like every time something new and wonderful is created, another 10,000 control-crazed lawyer-happy freaks start filing frivolous patents and hurling injunctions at anything which moves.

P.S. In case you’re wondering: the title comes from The CIA’s World Facttbook Entry on Denmark. Denmark is not, apparently, a technology powerhouse.

Ever feel like cashing out and starting a farm to grow organic vegetables? Or would the lawyers follow us there too?

Related link: http://www.siliconvalley.com/mld/siliconvalley/business/columnists/dan_gillmor/e…

It’s hard to summarize. But you should read, or at least look at, this.

Now that we’ve all been educated, where does all the talk lead?

Related link: http://www.oreillynet.com/cs/weblog/query/q/weblog?id_author=%5B27%5D&x-o=71

So I was scanning through Tim O’Reilly’s weblog (it’s long, and full of interesting articles). But I noticed that a lot of the articles he refers to are gone. For example, the top article in the above search (about Bill Gates’s eulogy for Michael Dertouzos).

I can find out that the article existed. And what Tim thought when he read it. But the actual article has disappeared.

This is sort of like the position that classicists are in: they can read commentaries from antiquity about the plays of Sophocles. But some of the actual plays themselves have been lost for centuries.

The difference is that we’re doing this to ourselves, in real time.

What’s your favorite page-that-is-no-longer-there?

Related link: http://www.servlets.com/blog/archives/000028.html

Servlets.com Publisher and Apache Software Foundation Vice President Jason Hunter reports on some good news in the Apache-Sun relationship.

“Apache has signed a newly formed (and much improved) TCK License covering all the JSRs on which it’s
active, allowing Apache to continue participating in the JCP. This new TCK License is becoming the Sun
boilerplate and promises to bring benefits to all JSR licensees, both commercial and open source, by
allowing true legitimate independent implementations of Java technology for the first time.”

Related link: http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2872421,00.html

I’m linking to an article by Larry Seltzer where he makes the claim that Java is a failure on the client. I’ve been using Java since JDK 1.0 for MANY different clients, and have had a lot of success with web clients, Swing clients, AWT clients, etc. I’ll be the first to say that Java could always use some performance improvements, particularly with Swing, but it is easily fast enough for a vast majority of business apps.

Here are some choice quotes from the article:

“As far as desktop systems go, Java probably never had a chance because essentially it’s an inappropriate technology for most development projects.”

Larry offers no data or explanation. I think Java is very appropriate for most projects because it is a relatively easy language, free, and highly portable. It performs very well in most scenarios.

I always refer my clients to Sun’s “Swing Sightings” column for some good examples of very successful client applications written in Java. The URL is http://java.sun.com/products/jfc/tsc/index.html

“And by freezing Microsoft at version 1.1.4, Sun has made it difficult for anyone who wants to write an application that requires a later version of the VM.”

Deployment might be more difficult, but development is as easy as downloading the JDK from Sun. I could go on with additional quotes, but you get the point.

Here’s my beef with Larry’s article. While he makes some good points, he ruins everything by taking such an extremist stance on everything. The world of software development and languages is not so black and white. I’m always skeptical when I read articles that claim “such and such is a FAILURE”. I generally believe that authors of such articles are most interested in stirring up controversy.